Skip to content

Vaultwarden Vaultwarden Vaultwarden

Description / nameInput element
Container Registry
Container Configuration Root Path
Timezone
User ID
Group ID
Vaultwarden Host Port
Vaultwarden /config Path

Build Status Last Commit

Lightweight Bitwarden-compatible password manager server — self-host your passwords, secrets, and secure notes.
Port 80
Registry ghcr.io/daemonless/vaultwarden
Daemonless daemonless/vaultwarden
Source dani-garcia/vaultwarden
Website github.com/dani-garcia/vaultwarden

Version Tags

Tag Description Best For
latest Upstream Binary. Built from official release. Alternative build.
pkg FreeBSD Quarterly. Uses stable, tested packages. Most users. Matches Linux Docker behavior.
pkg-latest FreeBSD Latest. Rolling package updates. Newest FreeBSD packages.

Root Privileges Required

Podman on FreeBSD currently requires root. All commands must be run as root (or via doas/sudo).

Before deploying, ensure your host environment is ready. See the Quick Start Guide for host setup instructions.

Deployment

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
services:
  vaultwarden:
    image: "ghcr.io/daemonless/vaultwarden:latest"
    container_name: vaultwarden
    environment:
      - PUID=1000  # User ID for the application process
      - PGID=1000  # Group ID for the application process
      - TZ=UTC  # Timezone for the container
      - SIGNUPS_ALLOWED=true  # Enable/disable user registration (true/false)
    volumes:
      - "/path/to/containers/vaultwarden:/config"
    ports:
      - "80:80"
    restart: unless-stopped

1
2
3
4
5
6
7
# .env

DIRECTOR_PROJECT=vaultwarden
PUID=1000
PGID=1000
TZ=UTC
SIGNUPS_ALLOWED=true

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
# appjail-director.yml

options:
  - virtualnet: ':<random> default'
  - nat:
services:
  vaultwarden:
    name: vaultwarden
    options:
      - container: 'boot args:--pull'
      - expose: '80:80 proto:tcp' \
    oci:
      user: root
      environment:
        - PUID: !ENV '${PUID}'
        - PGID: !ENV '${PGID}'
        - TZ: !ENV '${TZ}'
        - SIGNUPS_ALLOWED: !ENV '${SIGNUPS_ALLOWED}'
    volumes:
      - VAULTWARDEN_CONFIG_PATH: /config
volumes:
  VAULTWARDEN_CONFIG_PATH:
    device: '/path/to/containers/vaultwarden'

1
2
3
4
5
6
# Makejail 

ARG tag=latest

OPTION overwrite=force
OPTION from=ghcr.io/daemonless/vaultwarden:${tag}

1
2
3
4
5
6
7
8
podman run -d --name vaultwarden \
  -p 80:80 \
  -e PUID=1000 \
  -e PGID=1000 \
  -e TZ=UTC \
  -e SIGNUPS_ALLOWED=true \
  -v /path/to/containers/vaultwarden:/config \
  ghcr.io/daemonless/vaultwarden:latest

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
appjail oci run -Pd \
  -o overwrite=force \
  -o container="args:--pull" \
  -o virtualnet=":<random> default" \
  -o nat \
  -o expose="80:80 proto:tcp" \
  -e PUID=1000 \
  -e PGID=1000 \
  -e TZ=UTC \
  -e SIGNUPS_ALLOWED=true \
  -o fstab="/path/to/containers/vaultwarden /config <pseudofs>" \
  ghcr.io/daemonless/vaultwarden:latest vaultwarden

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
- name: Deploy vaultwarden
  containers.podman.podman_container:
    name: vaultwarden
    image: "ghcr.io/daemonless/vaultwarden:latest"
    state: started
    restart_policy: always
    env:
      PUID: "1000"
      PGID: "1000"
      TZ: "UTC"
      SIGNUPS_ALLOWED: "true"
    ports:
      - "80:80"
    volumes:
      - "/path/to/containers/vaultwarden:/config"

Access at: http://localhost:80

Interactive Configuration

Parameters

Environment Variables

Variable Default Description
PUID 1000 User ID for the application process
PGID 1000 Group ID for the application process
TZ UTC Timezone for the container
SIGNUPS_ALLOWED true Enable/disable user registration (true/false)

Volumes

Path Description
/config Data directory (database, attachments, icons)

Ports

Port Protocol Description
80 TCP Web UI

Implementation Details

  • Architectures: amd64
  • User: bsd (UID/GID set via PUID/PGID). Defaults to 1000:1000.
  • Base: Built on ghcr.io/daemonless/base (FreeBSD 15.1).

Need help? Join our Discord community.